THE CHALLENGE
GDPR is one of the most significant pieces of legislation to hit banking and many other industries. It is not the scope and complexity that are at issue, but the consequences of failure to comply. Until now, there have been rules about the use and misuse of data, but punishments for failure to comply have been limited, even toothless.

However, with GDPR, all this changes. Once the GDPR comes into effect on 25 May 2018, all companies processing and holding the personal data of people residing in the EU must comply with it, regardless of location. 
PUNITIVE PUNISHMENT
The GDPR mandates increased transparency and control of personal data, defines obligations, and mandates punitive fines for violations: these fines are now significant, at €20 million or up to 4% of global revenues, whichever is greater.
The key differences between the current Data Protection Act and GDPR are: stronger conditions for consent; clearer statements as to why the data are needed; how data will be used; and how long data will be held. There also need to be clear processes for removal or correction of data. This applies not only to data about individual customers but also to employees and suppliers.

As a result, GDPR requires organisations to include data protection from the outset of system design, a concept known as ‘privacy by design’.

GETTING READY FOR GDPR

Like any major regulatory change, GDPR has impacts across the business, touching everything from systems to processes and culture. Heliocor’s approach to compliance is based on a combination of Business Consulting and Technology Implementation. There is no magic bullet to becoming compliant. Customer and employee data can be liberally distributed around the business and used in a mass of processes.
The first step in the process of becoming compliant is auditing the business to pinpoint where identity data are stored and held, how the data are used, and what permissions for its use are held. This has to cover information about any individual:
CUSTOMERS
Onboarding, Sales, Trading, and Marketing lists, as well as data in Operations and fulfilment.
EMPLOYEES
Current records, past employees, contractors and associates as well as data about candidates and interviewees.
SUPPLIERS
Contact data for individuals at supplier and partner organisations.
IMPLEMENTING CHANGE GDPR COMPLIANCE
The core of GDPR is clearly the effective control of the personal data of clients and employees. This means changes to systems, processes, and culture. For instance, it will no longer be acceptable to create personal email groups of clients or employee data for communications purposes if such communications are outside your agreed use of the data.

Therefore, any implementation of GDPR within your business must take into account cultural change and education, and should also put in place data access, data use, and process change controls.
There are four core elements to the management of data:
  • Validation of use and secure storage of documents and information;
  • Owner management of data;
  • Controlled use of personal data and control of access;
  • Management of the deactivation of access and deletion of data, except where needed for legal and compliance reasons.

Heliocor’s response to these needs is to combine the use of Dokstor and Robolitics™.
Dokstor comes as a mobile app and a secure blockchain-encrypted document gateway for the sharing of information and documents. It also manages the process for authorising usage of the data for specific uses (proactive Opt-In), ensuring that your systems and processes meet the ‘privacy by design’ mantra.

Robolitics™ provides the internal controls and access rights. The use of Robolitics ensures that you can be certain users are authorised to access the data they need, whilst access to other data is prohibited.